USN-1647-1: Linux kernel (OMAP4) vulnerabilities

Ubuntu Security Notice USN-1647-1

linux-ti-omap4 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 12.10

Summary

Several security issues were fixed in the kernel.

Software description

linux-ti-omap4
- Linux kernel for OMAP4

Details

Brad Spengler discovered a flaw in the Linux kernel's uname system call. Anunprivileged user could exploit this flaw to read kernel stack memory.(CVE-2012-0957)

Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinoiscongestion control algorithm. A local attacker could use this to cause adenial of service. (CVE-2012-4565)

Mathias Krause discovered a flaw in the Linux kernel's XFRM netlinkinterface. A local user with the NET_ADMIN capability could exploit thisflaw to leak the contents of kernel memory. (CVE-2012-6536)

Mathias Krause discovered several errors in the Linux kernel's xfrm_userimplementation. A local attacker could exploit these flaws to examine partsof kernel memory. (CVE-2012-6537)

Mathias Krause discovered an information leak in the Linux kernel'sxfrm_user copy_to_user_auth function. A local user could exploit this flawto examine parts of kernel heap memory. (CVE-2012-6538)

A flaw was discovered in the Linux kernels handling of memory ranges withPROT_NONE when transparent hugepages are in use. An unprivileged local usercould exploit this flaw to cause a denial of service (crash the system).(CVE-2013-0309)

Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A localattacker with NET_ADMIN capability could potentially exploit this flaw toescalate privileges. (CVE-2013-1826)

Update instructions

The problem can be corrected by updating your system to the following
package version: